9dba29bc5456edd1bd99a60c1006aff1466d24016a120653d7b505939559aec4 | Triage

Sharing

General

Target

9dba29bc5456edd1bd99a60c1006aff1466d24016a120653d7b505939559aec4
Size

375KB
Sample

221201-asyqlaha86
MD5

25a660f83de79eb1eeab82999fb81976
SHA1

1af5ac3e5597168585336157d5110b8d36e5423a
SHA256

9dba29bc5456edd1bd99a60c1006aff1466d24016a120653d7b505939559aec4
SHA512

3caf33f4e54014016a4f9fd940de54ac0b7a9d487935febf89fc2915c971053816490d345ee07c66fa47aa49a06c0d8fe3e16f391ab0afdfb7f2e8c16546c8c9
SSDEEP

6144:8Uvbx4PkcOz6JmNmxT+hbNNpZZT8AVZzuPChJ:pu8OJm4+h/Z46NJ

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  9dba29bc5456edd1bd99a60c1006aff1466d24016a120653d7b505939559aec4
- Size
  
  375KB
- MD5
  
  25a660f83de79eb1eeab82999fb81976
- SHA1
  
  1af5ac3e5597168585336157d5110b8d36e5423a
- SHA256
  
  9dba29bc5456edd1bd99a60c1006aff1466d24016a120653d7b505939559aec4
- SHA512
  
  3caf33f4e54014016a4f9fd940de54ac0b7a9d487935febf89fc2915c971053816490d345ee07c66fa47aa49a06c0d8fe3e16f391ab0afdfb7f2e8c16546c8c9
- SSDEEP
  
  6144:8Uvbx4PkcOz6JmNmxT+hbNNpZZT8AVZzuPChJ:pu8OJm4+h/Z46NJ
Score

8^/10

persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2